<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
    "http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

    <title>org.bhf.security.authorization</title>
    <meta http-equiv="Content-type" content="text/html; charset=iso-8859-1">

    <style type="text/css">
        body { background: #FFF; }
    </style>
</head>

<body>

<p>
This package contains classes implementing the authorization aspect
of security.  Before authorization is performed, a <code>Subject</code>
and <code>Project</code> are placed in context using
<code>ContextSubject</code> and <code>ContextProject</code> (respectively)
or associated with the entire application by using the set default methods
in <code>RoleBasedSecurityManager</code>.  If either the <code>Subject</code>
or the <code>Project</code> are not established, all check permission calls
will throw a <code>SecurityException</code>.
</p>

<p>
The <code>RoleBasedSecurityManager</code> retrieves the project security
policy using the <code>PolicyProvider</code> facility.  Different
implementations of this facility allow the policies to be stored
in XML files or a database, for example. <code>PolicyProvider</code>s that
allow the application to change the Project security policy must also
implement the <code>PolicyManager</code> interface.
</p>

<p>
<code>HierarchicalPermissionDelegate</code> provides helper methods
for implementing <code>Permission</code> classes that represent operations
on a resource in a resource hierarchy.  <code>ParameterizablePermission</code>
is the interface that parameterizable <code>Permissions</code> must implement.
</p>

</body>
</html>